Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains... Critical Unreviewed
CVE-2017-8013 was published May 14, 2022
IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact... High Unreviewed
CVE-2016-0235 was published May 14, 2022
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC... Critical Unreviewed
CVE-2018-1216 was published May 14, 2022
An issue was discovered on Wireless IP Camera 360 devices. Remote attackers can discover a weakly... Critical Unreviewed
CVE-2017-11634 was published May 14, 2022
Datto ALTO and SIRIS devices have a default VNC password. Critical Unreviewed
CVE-2015-9254 was published May 14, 2022
backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@#... Critical Unreviewed
CVE-2014-3205 was published May 14, 2022
Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named ... High Unreviewed
CVE-2018-1214 was published May 14, 2022
IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and... Critical Unreviewed
CVE-2012-2166 was published May 14, 2022
An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a... Critical Unreviewed
CVE-2018-6825 was published May 14, 2022
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless... High Unreviewed
CVE-2017-12724 was published May 14, 2022
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless... Moderate Unreviewed
CVE-2017-12725 was published May 14, 2022
A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless... High Unreviewed
CVE-2017-12726 was published May 14, 2022
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the... Critical Unreviewed
CVE-2018-6387 was published May 14, 2022
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-coded credentials. A remote... Critical Unreviewed
CVE-2017-1204 was published May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. Critical Unreviewed
CVE-2018-5723 was published May 14, 2022
The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to... Critical Unreviewed
CVE-2017-14143 was published May 14, 2022
TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of... Critical Unreviewed
CVE-2014-8579 was published May 14, 2022
Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1029 password for the root... Critical Unreviewed
CVE-2017-17107 was published May 14, 2022
The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is... Critical Unreviewed
CVE-2017-14374 was published May 14, 2022
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that... High Unreviewed
CVE-2017-14376 was published May 17, 2022
Django user with hardcoded password created when running tests on Oracle Critical
CVE-2016-9013 was published for Django (pip) May 17, 2022
MarkLee131
A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all... Critical Unreviewed
CVE-2017-12928 was published May 17, 2022
On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default)... Critical Unreviewed
CVE-2017-8772 was published May 17, 2022
On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default)... Critical Unreviewed
CVE-2017-8771 was published May 17, 2022
An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software... High Unreviewed
CVE-2017-9956 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database